Ipv4 & ipv6 Virtual Hosting - address in use

Dobai-Pataky_BSSSSl · December 1, 2010, 8:30pm

I have latest nginx configured;

I have one that is purely ipv6 and one that is purely ipv4;

They both work fine in a multi-server environment;

server {
listen 80;

listen [::]:80 ipv6only=on;

     server_name  domain1.com;

     #charset koi8-r;

     #access_log  logs/host.access.log  main;

     location / {
         root   html;
         index  index.html index.htm;
     }

}

server {
listen 80;

listen [::]:80 ipv6only=on;

     server_name  domain2.com;

     #charset koi8-r;

     #access_log  logs/host.access.log  main;

     location / {
         root   html;
         index  index.html index.htm;
     }

}

If I un-comment to bind to ipv6 as well as ipv4; when nginx starts it
complains the address is in use;

I saw a patch for this here is the post;

But according to that post it has been included in 8.39 I am using 8.53

elegant · December 1, 2010, 9:09pm

On Wed, Dec 01, 2010 at 02:24:24PM -0500, David J. wrote:

     server_name  domain1.com;
}

But according to that post it has been included in 8.39 I am using 8.53

What OS do you use ?

This
listen 80;
listen [::]:80 ipv6only=on;
should work, however, if you add “ipv6only=on” to existant configuration
and reload it using -HUP, then it does not work. You should stop nginx
and start it again due to the IPV6_V6ONLY option behaviour.

–
Igor S.
http://sysoev.ru/en/

elegant · December 1, 2010, 9:15pm

On 1 Dez 2010 19h24 WET, [email protected] wrote:

server_name domain1.com;
}

I saw a patch for this here is the post;

But according to that post it has been included in 8.39 I am using
8.53

Cf http://wiki.nginx.org/HttpCoreModule#listen

AFAIK, it depends on what type of sockets your OS support, IPv4 only,
IPv4+IPv6 hybrid or IPv4 and IPv6 separate.

If you’re in a OS that supports hybrid sockets then it seems that your
config is incorrect, in the sense that it assumes separate IPv6 and
IPv4 sockets.

Also, AFAIK, Linux uses hybrid sockets by default, while FreeBSD uses
separate sockets for IPv4 and IPv6.

Perhaps someone more knowledgeable than I in OS’ kernel networking
internals can chime in.

HTH,
— appa

elegant · December 1, 2010, 9:32pm

On Wed, Dec 01, 2010 at 03:20:15PM -0500, David J. wrote:

Thanks for the responses;

I am running ubuntu 10.10 on these particular instances;

I was able to get it working however; its going to the first server
configured;

So I am still not quite sure how to fix;

I will try playing around a bit more.

You should set “ipv6only” option only in one server
with “default_server” flag:

server {
listen 80;
listen [::]:80 default_server ipv6only=on;
server_name domain1.com;
…
}

server {
listen 80;
listen [::]:80;
server_name domain2.com;
…
}

listen 80;
index index.html index.htm;
#charset koi8-r;
it complains the address is in use;

HTH,

nginx mailing list
[email protected]
nginx Info Page

–
Igor S.
http://sysoev.ru/en/

elegant · December 1, 2010, 9:25pm

Thanks for the responses;

I am running ubuntu 10.10 on these particular instances;

I was able to get it working however; its going to the first server
configured;

So I am still not quite sure how to fix;

I will try playing around a bit more.

Thanks.

elegant · December 27, 2010, 2:42pm

Hello!

On Sun, Dec 26, 2010 at 03:36:16PM -0500, petteyg359 wrote:

net.ipv6.bindv6only is set to 1.
Works ok here.

You may want to provide more details, i.e. exact nginx version you
are using, full config which triggers the problem and OS details.

Maxim D.

elegant · December 26, 2010, 9:37pm

ipv6only=on seems to behave the opposite of what it should. I have a
default_server listening on all interfaces. It works fine using
listen [::]:80 default_server;
listen 80 default_server;

but if I do
listen [::]:80 default_server ipv6only=on;
listen 80 default_server;

then I get a bunch of errors about already bound addresses on startup.
net.ipv6.bindv6only is set to 1.

Posted at Nginx Forum:

elegant · December 27, 2010, 4:57pm

Linux 2.6.34-gentoo-r12 x86_64 Intel(R) Core™ i7 CPU 930 @ 2.80GHz
GenuineIntel GNU/Linux

nginx -V

nginx version: nginx/0.8.53
TLS SNI support enabled
configure arguments: --prefix=/usr --sbin-path=/usr/sbin/nginx
–conf-path=/etc/nginx/nginx.conf
–error-log-path=/var/log/nginx/error_log --pid-path=/var/run/nginx.pid
–lock-path=/var/lock/nginx.lock --user=nginx --group=nginx
–with-cc-opt=-I/usr/include --with-ld-opt=-L/usr/lib
–http-log-path=/var/log/nginx/access_log
–http-client-body-temp-path=/var/tmp/nginx/client
–http-proxy-temp-path=/var/tmp/nginx/proxy
–http-fastcgi-temp-path=/var/tmp/nginx/fastcgi
–http-scgi-temp-path=/var/tmp/nginx/scgi
–http-uwsgi-temp-path=/var/tmp/nginx/uwsgi --with-ipv6 --with-pcre
–without-http_autoindex_module --without-http_browser_module
–without-http_charset_module --without-http_geo_module
–without-http_map_module --without-http_memcached_module
–without-http_referer_module --without-http_ssi_module
–without-http_split_clients_module --without-http_userid_module
–with-http_realip_module --with-http_ssl_module
–without-mail_imap_module --without-mail_pop3_module
–without-mail_smtp_module

server {
listen [::]:80 default_server;
listen 80 default_server;
return 444;
}
#According to docs, this config should fail, because without
ipv6only=on,
#this line should automatically listen on ipv4 interfaces also.

netstat -lp | grep nginx

tcp 0 0 :http :
LISTEN 31704/nginx.conf
tcp6 0 0 [::]:http [::]:
LISTEN 31704/nginx.conf

server {
listen [::]:80 default_server ipv6only=on;
return 444;
}
#I remove the listen 80 line, and add ipv6only=on

/etc/init.d/nginx start

Checking nginx’ configuration …
the configuration file /etc/nginx/nginx.conf syntax is ok
configuration file /etc/nginx/nginx.conf test is successful
```
                                                [ ok ]
```
Starting nginx …
[emerg]: bind() to [2a01:4f8:130:9101::3]:80 failed (98: Address already
in use)
[emerg]: bind() to [2a01:4f8:130:9101::3]:80 failed (98: Address already
in use)
[emerg]: bind() to [2a01:4f8:130:9101::3]:80 failed (98: Address already
in use)
[emerg]: bind() to [2a01:4f8:130:9101::3]:80 failed (98: Address already
in use)
[emerg]: bind() to [2a01:4f8:130:9101::3]:80 failed (98: Address already
in use)
[emerg]: still could not bind()
start-stop-daemon: failed to start `/usr/sbin/nginx’

Failed to start nginx

                                                [ !! ]

ERROR: nginx failed to start

Not only does it not work as described, it seems to be trying to bind a
specific address multiple times, and maybe succeeding the first time,
because there’s nothing else running on any interface port 80, so it
fails since it can’t successfully bind the same address a second time.

Posted at Nginx Forum:

elegant · December 27, 2010, 6:08pm

Hello!

On Mon, Dec 27, 2010 at 10:55:35AM -0500, petteyg359 wrote:

–http-log-path=/var/log/nginx/access_log
–with-http_realip_module --with-http_ssl_module
#this line should automatically listen on ipv4 interfaces also.
This shouldn’t fail as long as you have ipv6-only bind as
default in your system. It won’t even fail on OSes where binds on
ipv6 with ipv4 doesn’t conflict with ipv4 explicit binds. This is
unrelated though.

#I remove the listen 80 line, and add ipv6only=on
in use)
[ !! ]

ERROR: nginx failed to start

Not only does it not work as described, it seems to be trying to bind a
specific address multiple times, and maybe succeeding the first time,
because there’s nothing else running on any interface port 80, so it
fails since it can’t successfully bind the same address a second time.

Could you please provide full config which triggers the problem?
In particular, full list of server{} blocks with their “listen”
directives.

Maxim D.

elegant · October 13, 2011, 3:57pm

Hi All,
I’m a newbie to nginx and facing similar problem in that I cannot bind
IPv6 address (link local or global):

My nginx.conf is like this:

mail {

auth_http 127.0.0.1:8888/cgi-bin/auth.pl;

auth_http 127.0.0.1:8888/auth.pl;

auth_http                   127.0.0.1:8888/popproxy/auth;
auth_http_header            X-Auth-Domain "a-sya.com";
auth_http_header            X-PopProxy-Secret "popproxy";

auth_http_header X-Auth-Domain “ngm1.ocn-test.ne.jp”;

auth_http_timeout           15000ms;

after_auth_http 127.0.0.1:8888/popproxy-auth/;

pop3_auth                   plain;
pop3_auth                   apop;
pop3_auth                   cram-md5;

proxy_pass_error_message    on;
server {
    listen          10110;
    listen          127.0.0.1:10110;
    listen          [::]:10899;
    # link local address
    #listen          [fe80::20c:29ff:fe86:7e4d]:10499;      ***1
    # global address
    #listen          [fd41:28b7:be11:0:20c:29ff:fe86:7e4d]:10119;

***2
protocol pop3;
server_name localhost;
proxy on;
}
}

If I uncomments the line marked “***1” , the following error occurs:
nginx: [emerg] bind() to [fe80::20c:29ff:fe86:7e4d]:10499 failed (22:
Invalid argument)
If I uncomments the line marked “***2”, the following error occurs:
nginx: [emerg] bind() to [fd41:28b7:be11:0:20c:29ff:fe86:7e4d]:10119
failed (99: Cannot assign requested address)

Could you tell me why these errors occur?
I think simply I forget some important configuration though…

Thanks and regards,
Soichiro MIKI

Maxim D. Wrote:

Could you please provide full config which
triggers the problem?
In particular, full list of server{} blocks with
their “listen”
directives.

Maxim D.

Posted at Nginx Forum: